Your computer just got stolen! Now What?
Oh man! You’ve got to be kidding me! It’s gone! My computer has been stolen! How could this have happened?! My mind is racing and all my thoughts are crashing into each other and I can feel myself beginning to PANIC!
Now THINK!!! What was on that computer? How sensitive is the information? Did I have a password? How strong was the password? Was the hard drive encrypted? How important were the files on it? Can the computer be replaced? Can the data be replaced? What happens if someone gets my files? Did I have personal information on it? Did I have customer’s personal information on it?!! WHAT ABOUT MY PICTURES?! Do I have a backup? How old is my backup?! Who do I need to tell? WHAT DO I DO?!
Ever been in this situation? Believe me, you better hope you never are. But the very first thing you need to do should happen long before your computer is stolen. If your business depends on either that computer or the data on it, then you have no excuse for not taking the necessary steps beforehand to prevent a computer theft from becoming a disaster. You may not be able to prevent computer thefts, but you can prevent computer thefts from becoming a disaster. I have been involved in a number of mitigation efforts following laptop thefts. It is soooo much easier if just a few precautionary steps have been taken. But they may not all be what you expect.
Before the theft:
Record Keeping: You need to have the make, model, serial number and mac address(es) of your computer recorded someplace in the cloud that you can quickly access from any device connected to the Internet. My favorite places are in a Google Doc or Sheet, and in a cloud-backed-up-note on my phone. When you call the police, they’re going to need the make, model, and serial number. Without those pieces of information they won’t know if a recovered computer is yours, and they won’t be able to tell pawn shop owners to be on the lookout. In other words, without this, your chances of getting your computer back go way down, even if it is recovered by the police.
You can also give the mac addresses to your network administrator to be on the lookout. You’ll have a mac address for both your WiFi adapter and your Ethernet adapter, if you have one. The easiest place to find them is usually on the outside of the box it comes in. It’s a 12 digit hexadecimal number in the form of xx:xx:xx:xx:xx. It might also be listed on the bottom of the computer. If all else fails, just Google how to find it for your particular operating system (Windows, Mac, etc.).
Cloud Backups: Unless you have the luxury of a network administrator who has gone the extra mile and is backing up your computer to a central server, you should be backing up directly to the cloud. Shoot, even if you do have an on-the-ball network admin, it can’t hurt and could just save your skin. USB backups depend on you to remember to make them. USB devices are notoriously unreliable, can be stolen right along with your computer, burn up in a fire, destroyed in a flood, etc. That $50 per year you’ll spend on backing up to the cloud will seem like a pittance once you restore from it. You’ll realize that you never gave it a second thought after you installed it, yet it was backing up your data faithfully every day and never bothered you even once. Your personal pictures alone are worth far more that, let alone if you were able to restore your business data. I use and recommend BackBlaze (backblaze.com); install-it-and-forget-it-peace-of-mind for $50 a year. It’s the best bargain going.
Basic Security: If you’re confident that the thief cannot get into your data then you won’t feel nearly as panicky if your computer is stolen. So do everything you can to keep them out! You need a strong password on your computer account, yes, a strong password. Your screen should lock after no more than an hour of inactivity so that your password is required to access it again. And your hard drive needs to be encrypted. I have administrated hundreds if not thousands of both Windows and Mac computers in my career and I have never had any trouble pulling data off a hard drive without a password when it was not encrypted. But when it’s encrypted, the only way to get the data off the drive is to have the master password to unlock the encryption. And because of this, that password needs to be stored in the cloud along with your make, model, serial number, and mac address. If you forget and lose that password, your data is also lost.
Theft Recovery Software: Both Windows and Mac have built-in software to locate a missing computer. Make sure you know how to use it and that you have tested it. Use these links for instructions: Mac: http://bit.ly/probitytectip001, Windows: http://bit.ly/probitytectip002.
I also recommend a piece of software called Prey (preyproject.com) , as in the prey of a predator. I love the idea of turning the tables on the thief and making them my prey. Prey works on both Windows and Mac, has a very small footprint, and is difficult to detect once installed. If your computer is stolen, you can login to your account at preyproject.com and mark it as stolen. The next time your stolen computer connects to the Internet you’ll start receiving reports with tons of useful information for tracking down your prey - uh, I mean finding your stolen computer; information like gps coordinates, WiFi triangulation location, the name of the WiFi it’s connected to, its private and public IP addresses, screenshots of what the thief is seeing, their browsing history, and even snapshots from the webcam. You can also trigger audible alarms that can’t be silenced, lock the device permanently, and wipe the hard drive if you’ve either given up on recovering it or protecting the data on it is more important than recovering it. Did I mention that it’s pretty awesome?
Honeypot: Continuing with the prey theme, a honeypot is something that lures your prey into a trap. All those great theft-recovery tools are absolutely useless if your computer never again connects to the Internet. Yep, that’s right. If E.T. can’t phone home then you won’t know where to find him. So if you lock your computer down so tightly that the thief can’t even connect it to the Internet, he’ll be forced to format or replace the hard drive and reload the operating system. Explaining this can get long and complicated but suffice it to say that if you’re more interested in recovering your computer than preventing the data on it from being compromised then you want to allow the thief an easy way to connect it to the Internet. At the very least this means that you need a non-privileged guest account setup and ready to go where anyone can see it.
So give it a try yourself. Pretend that you’re the thief. Can you see how to login to the guest account and successfully login to it? Can you get connected to WiFi (try this on WiFi that this computer has never connected to)? If not, fix it so that you’re able to hand it to a friend and that friend is able to get on the Internet. Once again, make sure that this account does not have admin privileges so they can’t do things like change the password on your account and gain access.
After the theft: So you’ve recorded all your information, you’re backing up to the cloud, you’ve got great passwords and drive encryption, installed theft recovery software, setup your honeypot, and your computer was just stolen. Here’s what I would do, in this order:
Activate your theft recovery software, both the operating system version and Prey. You may only get one chance at this and the sooner you activate it the more likely you are to find it. This shouldn’t take more than 10 minutes and the police report can probably wait that long.
Notify your network administrator if you have one. They may be able to help. Let them know what you’ve done so far and what you’re about to do.
Call the police and file a report. Have your information handy and make sure you give it to them even if they don’t ask.
File an insurance claim (they will usually require a police report).
Replace the computer (no sense in waiting; hate to tell you but in my experience most computers are never recovered, even with theft recovery software; but you do want to give yourself the best chance of catching the thief).
Restore your data from your cloud backups.
Determine if you need to take additional steps; notifying customers their personal data was on a stolen computer, changing passwords, monitoring your credit report, notifying ID theft recovery services, etc.
Believe it or not, that’s it. You’ve done everything you can do to protect your computer and more importantly, the data on it.
Now, one more thing. Think about getting a Chromebook instead of a Windows or Mac laptop. They’re not for everyone, but if one can do the job for you then there’s no data stored on it and therefore nothing to lose, they’re very inexpensive and can almost be treated like a consumable, and once you have a replacement just login and everything will be back to the way it was the last time you used the one that was stolen. There’s no antivirus/malware/phishing/ransomware software to install and license, no software to purchase at all, and no bothersome updates (it all happens behind the scenes). Basically, buy a Chromebook and ditch the rest of this article!
Contact ProbityTec today at www.probitytec.com and let us show you just how economical and beneficial it is for us to manage all this for you.
Mr. Bentley started ProbityTec in early 2018. He explains that the word probity just means integrity and he requests that you stop using the word integrity in favor of probity from this day forward. ProbityTec provides managed IT services to small and medium size businesses throughout West Tennessee. Mr. Bentley can be reached at 731-410-7017 and firstname.lastname@example.org.